Lucene search
K

28 matches found

Prion
Prion
added 2024/03/01 10:15 p.m.23 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix removed dentries still existing after log is synced When we move one inode from one directory to another and both the inode and its previous parent directory were logged before, we are not supposed to have the dentry f...

7.1AI score0.00193EPSS
Exploits0References2
Prion
Prion
added 2023/05/30 5:15 a.m.17 views

Design/Logic Flaw

Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing. The unsanitized SVG is converted to a JavaScript blob in memory data that the Avatar can't render. Due to this constellation the missing sanitization does not seem to be exploitable. It i...

4CVSS4.6AI score0.00848EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/05/11 8:37 p.m.26 views

distribution catalog API endpoint can lead to OOM via malicious user input

Impact Systems that run distribution built after a specific commit running on memory-restricted environments can suffer from denial of service by a crafted malicious /v2/catalog API endpoint request. Patches Upgrade to at least 2.8.2-beta.1 if you are running v2.8.x release. If you use the code...

6.5CVSS6.4AI score0.00938EPSS
Exploits0References6Affected Software1
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.11 views

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata aka CID-d0c7feaf8767.

...

5.5CVSS7AI score0.00461EPSS
Exploits0
OSV
OSV
added 2020/03/06 9:15 p.m.6 views

CVE-2020-5328

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur...

9.8CVSS7.3AI score0.01387EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/06 8:25 p.m.17 views

CVE-2020-5328

Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur...

9.8CVSS9.4AI score0.01387EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/15 12:0 a.m.37 views

openSUSE Security Update : adminer (openSUSE-2018-253)

This update for adminer fixes the following issues : - Sync up conditional sub-packages with devel package to disable uninstallable pacakges for boo1002214. - Update to version v4.4.0 for boo1083948 to resolve CVE-2018-7667 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

9.8CVSS8.2AI score0.04603EPSS
Exploits1References3
Veeam
Veeam
added 2012/07/11 12:0 a.m.14 views

Incorrect hardware status returned from vCenter 5 when collected through vSphere API

Challenge When nworks uses "Refresh Hardware" calls, hardware status is not updated on vSphere 5 Cause vSphere 5 does not update the hardware status data available through API - this can be verified in vSphere Managed Objects Browser, which shows an outdated status, while the host MOB will show t...

6.8AI score
Exploits0
Rows per page
Query Builder